.TH SSH-MITM-SERVER 1 "SSH-MITM 5.0.1" "SSH-MITM Manual"

.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l

.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
SSH-MITM \- ssh audits made simple
.SH SYNOPSIS
.sp
.nf

\fIssh-mitm server\fR [<args>]
.fi
.sp

.SH "DESCRIPTION"
This manual page explains the
.B SSH-MITM-SERVER
program.

.SH "OPTIONS"


.SS "server"

.B
.IP --listen-port LISTEN_PORT
listen port of SSH-MITM

.B
.IP --transparent
enables transparent mode (requires root)

.B
.IP --remote-host
 remote host to connect to (default 127.0.0.1)

.B
.IP --remote-port
remote port to connect to (default 22)

.B
.IP --auth-username
optional username for remote authentication

.B
.IP --auth-password
optional password for remote authentication

.B
.IP --host-key HOST_KEY
host key file

.B
.IP --host-key-algorithm
host key algorithm (default rsa)
.br
.B Values:
    dss, rsa, ecdsa, ed25519

.B
.IP --host-key-length HOST_KEY_LENGTH
host key length for dss and rsa (default 2048)

.B
.IP --request-agent-breakin
enables agent forwarding and tryies to break in to the agent, if not forwarded

.B
.IP --banner-name
set a custom string as server banner

.B
.IP --store-scp-files
store files from scp

.B
.IP --store-sftp-files
store files from sftp

.B
.IP --enable-trivial-auth
enables "trivial success authentication" spoofing attack

.B
.IP --hide-credentials
do not log credentials (usefull for presentations)

.B
.IP --enable-auth-fallback
use a honeypot if no agent was forwarded to login with publickey auth

.B
.IP --fallback-host
fallback host for the honeypot

.B
.IP --fallback-port
fallback port for the honeypot

.B
.IP --fallback-username
username for the honeypot

.B
.IP --fallback-password
password for the honeypot

.B
.IP --store-ssh-session
store ssh session in scriptreplay format

.B
.IP --session-log-dir
directory to store ssh session logs
